Thread: Good random numbers in PG? And crypto-wishlist
I'm writing an application that requires cryptographically-sound random decimal digits in PG. One way to do this is with a plain old hash like SHA1. The problem is that this produces a 20 byte string, when what I want is a digit from 0 to 9. One thing I could do is take this 20 byte string, and return the first 8 bytes of it as an INT8, and take the mod10 of it. That should be mostly random. Is this a good way to do it? Or is there some better way?

Btw, this is on OpenBSD, which has its own internal RNG, which is cryptographically sound. On such systems, does the RANDOM() function use the cryptographically sound RNG, or does it use the C library's plain old low-quality RNG?

Someday it would be really cool if PG had linked-in cryptographic functions. I wrote a SHA1 hash and DES that link in, which is a good start, but it would be awesome to also have RSA encrypt/decrypt/sign, and AES encrypt/decrypt, and also something that can process OpenPGP format messages (ie, with GPG). Maybe as I get better with linking C functions into PG I'll work on some of that.

Oh yeah, and while I'm making a wish-list, having an option to encrypt the physical database file that PG uses would be fantastic. Some of us are storing some valuable data in these things, and basically none of the free OSes support file system encryption in a way that doesn't suck. I know everyone will say, "do it at the FS layer", but that just isn't reality right now, and it's a lot cheaper to encrypt the database than it is to physically secure the machine in many cases.

Thanks
On Thu, Jul 26, 2001 at 05:02:30AM -0000, Dr. Evil wrote:
> file that PG uses would be fantastic. Some of us are storing some
> valuable data in these things, and basically none of the free OSes
> support file system encryption in a way that doesn't suck. I know
> everyone will say, "do it at the FS layer", but that just isn't
> reality right now, and it's a lot cheaper to encrypt the database than
> it is to physically secure the machine in many cases.

Just out of curiosity, in what way does Linux's encrypted filesystem suck? Other than the fact that the modules aren't shipped with the kernel by default, running losetup then mount doesn't sound like a major issue to me.

--
Martijn van Oosterhout <kleptog@svana.org>
http://svana.org/kleptog/
> It would be nice if someone came up with a certification system that
> actually separated those who can barely regurgitate what they crammed over
> the last few weeks from those who command secret ninja networking powers.
On Thu, Jul 26, 2001 at 05:02:30AM -0000, "Dr. Evil" <drevil@sidereal.kz> wrote:
>
> I'm writing an application that requires cryptographically-sound random
> decimal digits in PG. One way to do this is with a plain old hash
> like SHA1. The problem is that this produces a 20 byte string, when
> what I want is a digit from 0 to 9. One thing I could do is take this
> 20 byte string, and return the first 8 bytes of it as an INT8, and take
> the mod10 of it. That should be mostly random. Is this a good way to
> do it? Or is there some better way?

This isn't necessarily useful for making it work in postgres, but I have a way to get uniform random distributions from uniformly distributed binary numbers. This is for a die roll server and uses the output from /dev/random as the source of uniformly distributed binary numbers. The module that does this part can be found at: http://wolff.to/dice/Roll.pm

For more information on the dice server see: http://wolff.to/dice/
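A worked version of the two approaches discussed in this thread (the first post's "take an integer and mod 10" idea, and the reply's "uniform digits from uniformly distributed binary numbers" method, i.e. rejection sampling), as an added Python example that is not from the thread and not from Roll.pm. It assumes `os.urandom` as a stand-in for /dev/random or OpenBSD's kernel RNG; all function names are my own.

```python
import os
from fractions import Fraction
from typing import Dict, List, Tuple

def exact_digit_counts(width_bits: int) -> Dict[int, int]:
    """Exact distribution of (v % 10) over every v in [0, 2**width_bits).

    2**k is never a multiple of 10, so the first (2**k % 10) digits each
    occur one extra time. This is the bias of the 'mod 10' approach.
    """
    total = 1 << width_bits
    base, extra = divmod(total, 10)
    return {d: base + (1 if d < extra else 0) for d in range(10)}

def max_relative_bias(width_bits: int) -> Fraction:
    """Largest relative deviation of any digit from the ideal 1/10.

    Exact rational arithmetic, since for 64-bit inputs the deviation is
    far below float precision (it is negligible; the 8-bit case is not).
    """
    total = 1 << width_bits
    return max(Fraction(abs(10 * c - total), total)
               for c in exact_digit_counts(width_bits).values())

# Rejection sampling: accept a byte only if it is below 250, the largest
# multiple of 10 that fits in a byte, so each digit gets exactly 25 values.
REJECT_THRESHOLD = 250

def digits_from_bytes(raw: bytes) -> Tuple[List[int], int]:
    """Map uniform random bytes to uniform digits; return (digits, rejected)."""
    digits: List[int] = []
    rejected = 0
    for b in raw:
        if b >= REJECT_THRESHOLD:
            rejected += 1          # discard it; never fold it back in
            continue
        digits.append(b % 10)
    return digits, rejected

def random_digits(n: int) -> List[int]:
    """n unbiased decimal digits from the OS CSPRNG (os.urandom here)."""
    out: List[int] = []
    while len(out) < n:
        # Ask for slightly more than needed: about 2.3% of bytes are rejected.
        chunk, _ = digits_from_bytes(os.urandom(n - len(out) + 8))
        out.extend(chunk)
    return out[:n]

if __name__ == "__main__":
    print("8-bit mod 10 counts:", exact_digit_counts(8))
    print("max bias, 8-bit:", max_relative_bias(8), " 64-bit:", max_relative_bias(64))
    print("20 digits:", random_digits(20))
```

Taking the first 8 bytes of a SHA1 output as an INT8 and reducing mod 10, as the first post suggests, corresponds to the 64-bit case, whose bias is 6/2^64; a single byte mod 10 is biased by about 2.3%, which is why the byte-level version needs the rejection step.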